rbac

From: Ian Pease (I.Pease@esteem.co.uk)
Date: Thu Jul 20 2006 - 12:23:38 EDT

• Next message: j.hotchkiss@accenture.com: "solaris server migration"
• Previous message: Brent: "dladm on Solaris 10 help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi gurus what I am trying to do is allow a user called mp13t to use the
command "su - mp13tnet" (by executing the script su_mp13tnet) so that is
doesn't prompt for a password. For example I wanted the user mp13t to run the
command "su - mp13t_net" as the user root

This is what I tried but it is still prompting for a password

vi exec_attr Add su priv:suser:cmd:::/export/home/su_mp13tnet:uid=0

The file /export/home/su_mp13tnet (owned by root) contains :-
#!/bin/pfksh
/usr/bin/su - mp13t_net

vi prof_attr Add su priv:::Privilege for switching into mp13tnet

roleadd -d /export/home/mp13tnet_role -c "Role allows su - mp13tnet and
stop/start service" -P "su priv" \
            -s /usr/bin/pfksh -m mp13tnet_role

passwd -d mp13tnet_role

usermod -R mp13tnet_role mp13t

Does anyone know if this is possible

tia
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: j.hotchkiss@accenture.com: "solaris server migration"
• Previous message: Brent: "dladm on Solaris 10 help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:40:26 EDT